Publication Type

Journal Article

Version

acceptedVersion

Publication Date

1-2022

Abstract

A common practice in data redaction is removing sensitive information prior to data publication or release. In data-driven applications, one must be convinced that the redacted data is still trustworthy. Meanwhile, the data redactor must be held accountable for (malicious) redaction, which could change/hide the meaning of the original data. Motivated by these concerns, we present a novel solution for authenticated data redaction based on a new Redactable Signature Scheme with Implicit Accountability (RSS - IA). In the event of a dispute, not only the original data signer but also the redactor can generate an evidence tag to unequivocally identify the party who produced the data/signature pair. Without the evidence tag, the redaction operation is transparent. Furthermore, the redactor can independently prove the trustworthiness of the redacted data, without any interaction with the original data signer. Our design is built on a new approach which adds accountability to any transparent redactable signature schemes. We show that the proposed design satisfies all the security goals with affordable cost. As an extension, we show how to realize accountable, transparent and authenticated data redaction in the multi-redactor setting.

Keywords

Data redaction, accountability, authenticity, redactable signature, transparency

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Dependable and Secure Computing

Volume

19

Issue

1

First Page

149

Last Page

160

ISSN

1545-5971

Identifier

10.1109/TDSC.2020.2998135

Publisher

Institute of Electrical and Electronics Engineers

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TDSC.2020.2998135

Share

COinS